Circle is looking for a Staff Application Security Engineer who will work with engineering and product teams to secure our customer applications, including SeedInvest. As a Staff Application Security Engineer, you will have a part in every aspect of the development lifecycle and work closely with development teams to understand the security posture of the features being developed. You should love tackling difficult problems and be excited to learn new things quickly and independently. It’s crucial that you’re an effective communicator, as you’ll collaborate frequently with different engineering teams to identify and address security issues. You should have a “breaker” mentality, but be effective at designing the mitigating controls.
What you’ll work on
- Partner with development teams to understand the security posture of the features being developed and identify and address security issues
- Attend daily stand ups to ensure that product features have security “built in”
- Work with the Ops and DevSecOps teams to make sure that product features are securely deployed
- Address the application layer security issues as incidents occur
What you’ll bring to SeedInvest/Circle
- 7+ years of application security experience including source code auditing, penetration testing, product assessments, vulnerability research, reverse engineering, etc
- Proven ability to find vulnerabilities beyond the OWASP Top 10.
- Familiar with vulnerability management and penetration testing tools: Burp, ZAP, Kali Linux, or Metasploit
- Excellent communication skills: demonstrated ability to explain complex technical issues to lay audiences
- Strong analytical, organizational, and technical writing skills
- Strong working knowledge of applied cryptography
- Experience using security monitoring technologies e.g. Splunk, CloudWatch and CloudTrail events
- Experience deploying using CI/CD pipelines to AWS e.g. Jenkins or AWS CodePipeline
- Experience working in a regulated environment such as PCI or SO
SeedInvest is a leading equity crowdfunding platform that provides individual investors with access to vetted startup investment opportunities. SeedInvest was instrumental in the passage of the 2012 JOBS Act, which changed 80-year-old U.S. securities laws to make it possible for entrepreneurs to raise capital over the Internet. SeedInvest has funded over 150 startups and boasts a rapidly growing network of over 250,000 investors. SeedInvest has had over 40,000 startups apply to raise capital since inception and has accepted less than 1% of those companies to feature on the platform. The company was recently featured on the 2018 Inc. 500 List as the 4th fastest-growing financial services company in America.
In March, 2019 Circle Internet Financial Ltd. acquired SeedInvest. Circle is a global crypto finance company built on blockchain, powered by crypto assets, and dedicated to helping people and institutions create and share value globally. Circle's suite of products enable customers to send and receive money around the world easily, as well as invest in and trade crypto assets. Circle is backed by $250 million from Goldman Sachs, Baidu, IDG, Breyer Capital, General Catalyst, and other leading global investors.
We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.